skip navigation

More signal. Less noise.

Daily briefing.

China's Great Firewall appears to be redirecting large amounts of "bogus traffic" to foreign sites. It's unclear whether this is deliberate policy or an accidental artifact of Chinese censorship, but the redirection arouses overheated complaints that China has "weaponized its entire population" into a DDoS attack machine.

A French museum cancels a cartoonists' convention after it sustains cyber attacks (the museum also notes Islamist murders at Charlie Hebdo and a Danish symposium featuring a controversial cartoonist).

The ISIS-affiliated al-Battar Media Foundation's female unit (the al-Khansaa Media Brigade) steps up social media recruiting of women residing in Europe and North America. The Brigade urges them to rally to the Caliphate. Saudi Arabia's new king convened a summit of Islamic organizations in Mecca last week with the aim of organizing a Muslim response to ISIS terror — observers watch for the conference to prompt information operations.

Akamai's Prolexic unit looks into DDoS-for-hire exploitation of vulnerable software-as-a-service platforms (Joomla among them).

Malwarbytes describes how compromised cPanel "Account Suspended" pages redirect to the Fiesta exploit kit.

Bitdefender finds ten "unusually aggressive" adware-infested apps in Google Play.

Shodan searches reveal some 2500 Seagate network attached storage devices vulnerable to a zero-day disclosed back in October.

Trend Micro reports seeing new TorrentLocker email vectors that bypass spam filters and use DMARC reports (Domain-based Message Authentication, Reporting and Conformance) in target reconnaissance.

Analysts consider the significance of the Gemalto hack and the Lenovo-Supership incident.

SAIC acquires Scitor.

Biometrics and deep web scanning contribute to US investigations of ISIS.

Notes.

Today's issue includes events affecting Australia, Austria, Brazil, Canada, China, European Union, France, India, Indonesia, Iraq, Ireland, Kuwait, Mexico, Netherlands, Norway, Portugal, Saudi Arabia, Syria, United Kingdom, United States.

Cyber Attacks, Threats, and Vulnerabilities

China's Great Firewall is demolishing foreign websites — and nobody knows why (Quartz) Software designer Craig Hockenberry noticed something very strange was happening to his small corporate website The Iconfactory one morning last month: traffic had suddenly spiked to extremely high levels — equivalent to more than double the amount of data transmitted when Kim Kardashian's naked photos were published last year

French Cartoonist Conference Cancelled After Cyber Attacks (Artlyst) The Le Mémorial de Caen Museum in Normandy, France has decided to cancel a planned cartoonists' conference in April due to fears over a potential terrorist response, Monopol reports

Islamic State's female jihadists use social media to lure women recruits (Long War Journal) Jihadist women are using social media to recruit other women for the Islamic State's declared "caliphate." The practice is not a new phenomenon. Western females who have migrated to the Islamic State have used various online platforms to lure young women into jihad in Syria

Security alert: DDoS-for-hire preying on SaaS apps such as Joomla (First Post) Akamai's Prolexic Security Engineering & Research Team (PLXsert) in collaboration with PhishLabs' R.A.I.D, has come up with a new cybersecurity threat advisory alerts enterprises and Software-as-a-Service (SaaS) providers of attackers using Joomla servers with a vulnerable Google Maps plugin installed as a platform for launching distributed denial of service (DDoS) attacks

Aggressive adware in Google Play apps (Help Net Security) Bitdefender has discovered 10 Google Play apps that have been packed full of aggressive adware. These either subscribe users to premium-rate numbers using scareware messages or install additional apps that incorporate even more ads

Zero-day in Seagate NAS allows attacker to remotely get unauthorized root access (NetworkWorld) Got root? Shodan shows over 2,500 Seagate NAS devices with flawed firmware connected to the Internet that attackers could exploit for remote code execution

How a Blu-ray disc could install malware on your computer (PC World) A pair of vulnerabilities found in hardware and software for playing Blu-ray discs might come in handy for secret snooping by the U.S. National Security Agency

TorrentLocker Ransomware Uses Email Authentication to Refine Spam Runs (TrendLabs Security Intelligence Blog) In monitoring the ransomware TorrentLocker, we noticed a new development in its arrival vector. In previous entries, we noted that a particular wave of the crypto-ransomware was using spammed messages that were designed to evade spam filters

Dridex Downloader Analysis (Infosec Institute) Yesterday I received in my company inbox an email with an attached .xlsm file named D92724446.xlsm coming from Clare588… Central and local AV engines did not find anything malicious, and a multiengine scan got 0/57 as result

Questioning Gemalto's Reaction to Hack (BankInfoSecurity) Company's one-week investigation downplays the impact

Gemalto hack shows how far we are from deciding acceptable 'security norms' (The Conversation) Is it true spies hack technology companies? Can governments really listen to your phone calls? Should we care?

Anatomy of a certificate problem — Comodo's "PrivDog" software in the spotlight (Naked Security) An adware program called SuperFish hogged the cryptography news lately

Post-adware problems Lenovo promises cleaner and safer PCs (MicroScope) Lenovo has been hitting the headlines for all the wrong reasons in the past week and has moved to bring the curtain down on a torrid time that saw it deliver PCs with adware pre-loaded

Superfish and the Undermining of the Internet Trust Model (Dark Matters) This week been a wild ride for infosec news, with the biggest story being revelations that Lenovo pre-installed Superfish spyware on devices shipped between September and December of last year

Security firm finds link between China and Anthem hack (Washington Post) A Northern Virginia cyber security firm says it has uncovered links between Chinese government-sponsored researchers and the hack of health insurance giant Anthem

Why the Anthem Breach May Be a Catastrophic Event for US Children (Cyveillance Blog) In all the noise around the stolen customer data at Anthem Healthcare, many have missed what is now a new and very serious risk to American households: millions of children's social security numbers have been stolen, and will be used in waves of financial crimes over decades to come

Inside a Retail Hack: Lateral Movement & Credential-Harvesting (Duo Security) In 2014, 1,000 retail businesses were hit by remote attacks. Ultimately, most retail attacks started with stolen credentials, which enabled attackers to move laterally, harvesting credentials along the way until they reached their final destination

Toys "R" Us Resets Account Passwords Following Unauthorized Access (Softpedia) Users with accounts at Toys "R" Us are informed by the company that a hard password reset procedure has been initiated for their accounts as a result of attempts from a third party to gain unauthorized access

US retailer Natural Grocers investigates data breach (ComputerWeekly) Natural Grocers is the latest US retailer to announce that is investigating a possible data breach involving customer payment cards

Uber reveals itself victim of cyber attack — last May (SMN Weekly) Ride sharing startup Uber revealed recently that it had been victimized in a cyber attack that saw its driver data compromised more than nine months ago

Bulletin (SB15-061) Vulnerability Summary for the Week of February 23, 2015 (US-CERT) The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week

Security Patches, Mitigations, and Software Updates

BitDefender bit trip slaps 'valid' on revoked certs (Register) Patch for security suites inbound

Microsoft Security Essentials Updated Against Lenovo Bug (JBG News) Microsoft Security Essentials has been updated to remove the Superfish malware which came pre-loaded on many Lenovo laptops

Gemalto Adds Tokenisation Based Payment System to Boost Security (Computer Business Review) It will make smartphone based payment systems more secure

Cyber Trends

Mobile Security By The Numbers (Dark Reading) Rounding up the latest research on mobile malware and security practices

Sophisticated cyber crime methods are changing the definition of hacking (Penn State News) More than 100 banks in 30 countries have joined the ranks of Anthem Blue Cross Blue Shield and Sony Pictures

Five Reasons ICS-SCADA Security is Fragile (Dark Matters) Industrial control systems support our way of life, and yet they are fragile. To understand why they are so fragile, it's important to first understand a bit of the ICS architecture

The shift to secure apps in the enterprise (Help Net Security) As enterprises are mobilizing content and apps, they are also fortifying their cyber resiliency with accelerated activations of secure mobile apps, which grew 65 percent during the fourth quarter and 300 percent during the year, according to Good Technology

Anthem hack offers big lessons for business, consumers (Indianapolis Star) The record Anthem data breach shows vulnerabilities of an economy built around the convenience and openness of the Internet but one that lacks the security to keep sensitive information safe

What Healthcare Boards Need to Know About Hacking (Health Data Management) Hospital chain Community Health Systems offered 4.5 million patients identity protection services after a major hack of its information systems, with the attackers suspected to be part of a criminal ring in China

Medical identity theft affected two million victims in 2014 (Help Net Security) The number of patients affected by medical identity theft increased nearly 22 percent in the last year, an increase of nearly half a million victims since 2013

Suits and Hoodies: The Two Cybersecurity Cultures (The Atlantic) How a tense exchange between the NSA director and a Yahoo executive reveals the rift between D.C. and Silicon Valley

Marketplace

Boom or Bust? Cyber Security and Data Breach Loss in Latin America (JDSupra) Every day in the news we are assaulted by reports of cyber security and data breaches of industry giants, major retailers and financial conglomerates that compromise the privacy and security of millions

Threat from Cyber Crimes: Insurance Cover Mooted (New Indian Express) Emphasizing the need for providing insurance cover against cyber crimes in the financial sector, RBI executive director G Padmanabhan said that it was important for the insurance sector to respond in providing cover against the cyber crimes

You got hacked. Cybersecurity stocks soar (CNN Money) Companies keep getting hacked. And that's music to the ears of the executives and investors in cybersecurity companies

Data breach consequences: Get breached, make money? (TechTarget) Data breaches aren't associated with soaring stock prices, but recent examples show breaches may boost stocks

SAIC Enters Into Definitive Agreement To Acquire Scitor Corporation (PRNewswire) Scitor, with annual revenues of approximately $600 million, is a premier intelligence community provider engaged on critical missions in support of national security

Big Blue spending big bucks on emerging business (MicroScope) IBM expects nearly half of its revenue to come from emerging businesses such as cloud, analytics, security and mobile by 2018

Kaspersky interview: "It's a brutal market but we're leading the way" (PCR) PCR sits down with senior execs from security software vendor Kaspersky Lab to discuss its big retail push, revenue share scheme, fierce competition and how the 'Internet of Things' is shaping the sector

Air Force asks Northrop Grumman to beef-up cyber security for BACN communications (Intelligent Aerospace) Military communications experts at Northrop Grumman Corp. are beefing-up a major airborne battlefield communications system to protect it from computer hackers and other cyber security threats

Case study: Norwegian insurer invests in Darktrace machine-learning cyber defence (ComputerWeekly) Founded in 1935, the Norwegian shipowners' mutual war risks association, DNK, is a members' own company, which insures interests attached to vessels, drilling rigs and similar movable units

Products, Services, and Solutions

3 new tools that can detect hidden malware (Network World via IT World) We tested new security appliances from Damballa, Lancope and LightCyber that are designed to detect the latest cyber-attacks

Silent Circle Outs Blackphone 2, Blackphone+ Tablet As It Zeroes In On Enterprise Security (TechCrunch) A sequel to last year's pro-privacy Android smartphone Blackphone has just been announced, here at the Mobile World Congress trade show in Barcelona

IBM, Juniper to offer joint network analytics (TechTarget) IBM and Juniper say they will work together to deliver customer intelligence to cloud and communications service providers

AdaptiveMobile tackles 'grey routes' with intelligent message-centric protection (realwire) AdaptiveMobile, the world leader in mobile security, today launched its Grey Routes Protection managed service to combat the fraudulent international flow of messaging across mobile networks

Comodo Introduce KoruMail (Host Review) The Comodo organization, a global innovator and developer of cyber security solutions, today announced the general availability of Comodo KoruMail, an enterprise antispam appliance that uses advanced spam filters and anti-virus scanners to prevent unsolicited mail from entering an enterprise network and potentially delivering damaging malware

Containment security solutions for endpoints effectively stop attacks before harm is done (Network World) The way to protect PCs is to isolate untrusted tasks. BufferZone and Bromium offer interesting solutions

Blue Coat Systems and Prelert Partner to Provide Anomaly Detection in Security Solutions (InsideBigData) Prelert, a leading provider of machine learning anomaly detection, and Blue Coat Systems, Inc., a market leader in enterprise security, announced a partnership to integrate Prelert's machine learning analytics into Blue Coat's portfolio of security solutions

Freeware tool helps monitor privileged accounts (Help Net Security) Netwrix Effective Permissions Reporting Tool is a freeware solution designed to monitor privileged accounts by reporting on effective permissions in Active Directory and file shares

Minlock.IO "File Encryption Software that Does More with Less" (School of Privacy) A nice project headed by Nadim…the creator of long time favorite privacy messaging platform crypto.cat that works similar to PGP where you can sue your Email and a secret passphrase to create a mini lock ID which you can share

Modern Defense Against CSRF Attacks (Resonant Core) In web application security, Cross-Site Request Forgery (CSRF) is a type of attack that tricks the victim into running a command on behalf of the attacker by sending the victim an otherwise innocent HTML snippet

Technologies, Techniques, and Standards

Certificate Authority Security Council Moves Web Security Forward (eWeek) The CASC was formed two years ago by the major SSL CAs. Here's a look at what the council is doing now and what's next for digital certificate security

Is it possible to determine if your Internet connection has been hijacked? (CSO) Simple visual cues can help determine the legitimacy of an HTTPS connection

Data Mining Protection: Taking A Privacy Roadtrip with IRMA (Dark Matters) If you have ever clicked "I Agree" on Facebook or an Apple device without really going through it, it might be worth your while to go back and read up. Do you know where your data is going?

Cyber Intelligence: Defining What You Know (Dark Reading) Too often management settles for security data about things that are assumed rather than things you can prove or that you know are definitely wrong

CIOs and CISOs to focus on threat intelligence (SC Magazine) Chief Information Officers (CIO), Chief Information Security Officers (CISOs) and other senior IT leaders will increasingly deploy threat intelligence-based solutions in their enterprise networks over the next three years, according to a new report

Hacking: Why Any Business Can Be At Risk And How To Prevent It (Forbes) The term 'ethical hacking' may seem like something of an oxymoron, but it is a precaution that should be of interest to almost all businesses

Privacy and Humanity Elements for the IoT/IoE (Dark Matters) In the first and second parts of this series we have introduced the risks of the IoT / IoE world, addressed the mandatory security design considerations around the C-I-A — triple, the concepts of "openness", the secure system and SDLC, the 4 "A"s, as well as the term "non-repudiation"

Opinion: After high-profile hacks, it's time for a bolder approach to cybersecurity (Christian Science Monitor: Passcode) Among the lessons from the Sony hack was that conventional cybersecurity measures don't always stop intruders. What more corporations need to apply is an active defense to better understand and stop future threats

Security framework for governments deploying the cloud (Help Net Security) ENISA released a framework structured into four phases, nine security activities and fourteen steps that details the set of actions Member States should follow to define and implement a secure Gov Cloud

NIST outlines guidance for security of copiers, scanners (GCN) The National Institute of Standards and Technology announced its internal report 8023: Risk Management for Replication Devices is now available

Should companies have to detail state of tech infrastructure? (ZDNet) Perhaps companies would step up their cyber security game if they had to provide details on how they've scrimped over the years on tech infrastructure. Hmm

Design and Innovation

Listen up! Qualcomm's ultrasonic 3D fingerprint scanner could one day give passwords the finger (hands-on) (CNET) Sound waves aren't just for voices. They're also adept at priming your prints, and one day replacing your passwords

Software-defined networking key to Lockheed's DISA deal (FCW) Success in Lockheed Martin's $4.6 billion contract to help manage the Defense Department's global information networks may hinge on an IT tool, software-defined networking

Old-school landline phones to protect elderly from "it's me" scammers (Naked Security) Imagine a con artist were to call your grandmother

Research and Development

IARPA's CAUSE Cybersecurity Program Elicits Reaction From Experts (HS Today) The Intelligence Advanced Research Projects Activity's (IARPA) recent announcement that its Office for Anticipating Surprise held a "proposers' day conference" for its Cyber-attack Automated Unconventional Sensor Environment (CAUSE) Program in anticipation of the release of a new solicitation in support of the program has provoked a variety of responses by cybersecurity authorities

NIH dives into cyber-physical systems research (GCN) The National Institutes of Health, in collaboration with several other agencies, has announced funding and grant opportunities in the area of cyber-physical systems (CPS), a new generation of embedded systems with integrated computational and physical capabilities

Academia

The dawn of the intelligence revolution (THe Hindu) About 160 students of IIIT and Indian School of Business take part in the24-hour hackathon organised by Microsoft India and IIIT

PA Cyber teams top Pennsylvania in cyber security competition (PRNewswire via IT Business Net) Three teams of high school students from PA Cyber Charter School finished highest in the state in a national competition in which students apply IT skills to remove hacking tools, viruses, and other computer security threats in a six-hour scenario

Legislation, Policy, and Regulation

NATO: Defending agains the known unknowns (SC Magazine) Near the Belgian city of Mons, site of World War I's first major battle, not far from the battlefields of Waterloo, is one of todays ongoing international cyber-battlefields, NATO's Supreme Headquarters Allied Powers Europe (SHAPE)

An Anti-ISIS Summit in Mecca (The Atlantic via Defense One) A little-noticed conference in Mecca on 'Islam and Counterterrorism' offers a counterpoint to the Obama administration's narrative on how to defeat ISIS

China's information security rules justified (Global Times) Over the weekend, the US media reported that dozens of executives of Silicon Valley companies and trade association officials had asked Washington to get tough with Beijing, assuming that China's new regulations on information security would give them a tougher business environment in China. Earlier in February, four senior US officials, Secretary of State John Kerry, Treasury Secretary Jacob Lew, Commerce Secretary Penny Pritzker and Trade Representative Michael Froman, signed and sent a letter to their Chinese counterparts to ask for the suspension of a banking regulation

China Draft Counterterror Law Strikes Fear in Foreign Tech Firms (Re/code) China is weighing a far-reaching counterterrorism law that would require technology firms to hand over encryption keys and install security "backdoors," a potential escalation of what some firms view as the increasingly onerous terms of doing business in the world's second-largest economy

Antivirus Maker Avast Is Latest Overseas Tech Firm Blocked In China (TechCrunch) Popular security software company Avast is the latest overseas technology company to get caught in China's censorship net after users began reporting that its service and website were blocked inside the country

Indian Government bans third party email services, including Gmail and Yahoo (Security Affairs) The Indian Government bans third party email services, including Gmail and Yahoo, from its offices in order to protect government communications

Australians troll politicians via iMessage, in protest at metadata law (Graham Cluley) Here's a piece of advice

NSA authority to collect bulk phone data extended to June 1 (Computerworld) The approval will be the last before the relevant statute in the Patriot Act comes up for renewal

Joint Statement by the Department of Justice and the Office of the Director of National Intelligence on the Declassification of Renewal of Collection Under Section 215 of the USA PATRIOT Act (50 U.S.C. Sec. 1861) (IC on the Record) Early last year in a speech at the Department of Justice, President Obama announced a transition that would end the Section 215 bulk telephony metadata program as it previously existed, and that the government would establish a mechanism that preserves the capabilities we need without the government holding this bulk data

A Year of Terror Hasn't Made CPACers Warm to the NSA (National Review) The attendees of the Conservative Political Action Conference skew much younger and more libertarian than the Republican party as a whole, but it's still striking that about two-thirds of participants in the conference's straw poll oppose the National Security Agency's use of telephone metadata to investigate terrorism

Congress averts homeland security shutdown (DefenseNews) Congress narrowly averted a partial shutdown of the Department of Homeland Security late Friday

Who Needs the Department of Homeland Security Anyway? (Foreign Policy) Why the case against a shutdown isn't a slam dunk

Is the Newest U.S. Cybersecurity Agency Necessary? (VR World) The US has created another cybersecurity agency to deal with incoming threats. Is it really necessary?

The FCC's Big Net Neutrality Day (TechZone360) I am going to admit to being surprised by the U.S. Federal Communications Commission's (FCCs) Open Internet decision

Net neutrality could hinder efforts to safeguard Web, worry security experts (Christian Science Monitor: Passcode) Some security experts are concerned that newly adopted net neutrality rules will limit broadband providers' abilities to limit malicious traffic and spam, thus slowing down progress toward a safer Internet

New York lawmakers seeking to strengthen cyber security (Albany Business Review) New York lawmakers passed legislation seeking to strengthen protections against cyber attacks in the wake of a massive data breach at Anthem Inc. affecting about 80 million people

What banks and regulators do to combat hacking (Finance Innovation) Gartner defines identity access management (IAM) as the security discipline that enables the right individuals to access the right resources at the right times for the right reasons

Litigation, Investigation, and Law Enforcement

'Jihadi John' and the Future of the Biometrics Terror Hunt (Defense One) The future of the biometrics dragnets that identified an Islamic State executioner is on a hilltop in West Virginia

Pentagon using deep web tool to 'scoop up' data on Islamic State (Washington Times) The Pentagon's research arm tasked with coming up with breakthrough technologies is using an experimental deep web tool to "scoop up" valuable data on the Islamic State terrorist group and its supporters

Data breaches fuel new era of tax fraud (The Hill) The rash of massive data breaches across the United States is driving a new era of electronic tax fraud that has caught Congress's attention and left consumers wondering if their tax information is safe

Cybercrime could become more lucrative than drugs, police chief warns (Telegraph) Adrian Leppard, the Commissioner of the City of London Police, says at least a quarter of organised criminals in Britain are now involved in online fraud

Computer Forensics Critical In The Trial Of Silk Road’s Ross Ulbricht (HS Today) The ongoing trial of Silk Road creator Ross Ulbricht (a.k.a. Dread Pirate Roberts, or DPR) is not only fascinating, but it will have tremendous implications for criminals in the future

Anonymous hacker indicted for revenge hacking of Australian intelligence websites (HackRead) An Australian Anonymus hacker indicted for Australian intelligence websites' revenge hacking

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Upcoming Events

10th Annual ICS Security Summit (Orlando, Florida, USA, February 22 - March 2, 2015) Attendees come to the Summit to learn and discuss the newest and most challenging cyber security risks to control systems and the most effective defenses. The Summit is designed so you leave with new tools...

2015 Cyber Risk Insights Conference — San Francisco (San Francisco, California, USA, March 3, 2015) Following on the success of the 2014 half-day cyber risk event, Advisen will present a full day of learning and networking for risk managers, CISOs, CROs, insurance brokers, insurance underwriters, reinsurers...

Cybergamut Technical Tuesday: Tor and the Deep Dark Web (Columbia, Maryland, Sioux Falls, March 3, 2015) This talk will explore the use of Tor and how it relates to garnering useful intelligence. Distinguishing attribution or valuable intelligence from limited event data is difficult. Leveraging external...

Boston SecureWorld (Boston, Massachusetts, USA, March 4 - 5, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...

Mercury Proposers' Day Conference (IARPA1, Washington, DC, March 5, 2015) The Intelligence Advanced Research Projects Activity (IARPA) will host a Proposers' Day Conference for the Mercury Program on March 5, in anticipation of the release of a new solicitation in support of...

Financial Services Cyber Security Summit: Middle East and North Africa (Dubai, UAE, March 9 - 10, 2015) Building on the success and feedback of our Cyber Security Summit in Europe — 180 attendees, 3 streams, CPE certified — we are pleased to invite you to the Financial Services Cyber Security...

The Vulnerability Economy: Zero-Days, Commerce and National Security (Rockville, Maryland, USA, March 10, 2015) Dr. Ryan Ellis (Belfer Center, Harvard University) will explore a series of topics around cybersecurity including the challenges and opportunities associated with the growing trade in previously unknown...

OISC: Ohio Information Security Conference (Dayton, Ohio, USA, March 11, 2015) Technology First invites you to participate in the 12th Annual Ohio Information Security Conference Wednesday, March 11, at the Sinclair Community College Ponitz Center in Dayton, Ohio. The conference...

RiSK Conference 2015 (Lasko, Slovenia, March 11 - 12, 2015) In recent years RISK conference has become one of the leading events on computer security in the Adriatic region and is attended by engineering as well as executive staff of companies from the region.

B-Sides Vancouver (Vaqncouver, British Columbia, Canada, March 16 - 17, 2015) The third annual Security B-Sides Vancouver is an information security conference that will be held March 16th and 17th. We love to see brand new speakers, seasoned speakers, and everyone in between

Insider Threat 2015 Summit (Monterey, California, USA, March 16 - 17, 2015) The Insider Threat 2015 Summit is about bringing Government and Industry organizations and their cybersecurity leaders together in order to better understand the type of threats that may impact their infrastructure...

2015 North Dakota Cyber Security Conference (Fargo, North Dakota, USA, March 17, 2015) The North Dakota Cyber Security Conference brings together community members from academia, government and industry to share strategies, best practices and innovative solutions to address today's challenges...

IT Security Entrepreneurs Forum: Bridging the Gap Between Silicon Valley & the Beltway (Mountain View, California, USA, March 17 - 18, 2015) IT Security Entrepreneurs Forum (ITSEF) — SINET's flagship event — is designed to bridge the gap between the Federal Government and private industry. ITSEF provides a venue where entrepreneurs...

Philadelphia SecureWorld (Philadelphia, Pennsylvania, USA, March 18 - 19, 2015) Join your fellow security professional for affordable, high-quality cybersecurity training and education at a regional conference near you. Earn CPE credits while learning from nationally recognized industry...

2015 Cyber Security Summit (McLean, Virginia, USA, March 19, 2015) During Congressman Mike Rogers' "The Code War in America" talk at the June 2013 POC breakfast, he challenged all of us to "recognize that every day U.S. businesses are targeted by governments like China...

BSides Salt Lake City (Salt Lake City, Utah, USA, March 20 - 21, 2015) BSides is a community-driven framework for building events for and by information security community members. The goal is to expand the spectrum of conversation

CarolinaCon-11 (Raleigh, North Carolina, USA, March 20 - 22, 2015) CarolinaCon-11 (also hereby referred to as "The Last CarolinaCon As We Know It") will occur on March 20th-22nd 2015 in Raleigh NC (USA). We are now officially accepting speaker/paper/demo submissions...

Cyber Security Conference 2015 (Bolton, UK, March 23 - 24, 2015) Cyber Security Conference 2015 is a coming together of the North of England's two most successful Cyber Security Conferences; BEC Information & Data Security Conference and Lancaster University's North...

CyberTech Israel 2015 (Tel Aviv, Israel, March 24 - 25, 2015) In the face of these enemies and threats, individuals, organizations and states are required to produce innovative, unique solutions that would improve the resistance and resilience of the sensitive systems...

2nd Annual ISSA COS Cyber Focus Day (Colorado Springs, Colorado, USA, March 25, 2015) Join us for the Information Systems Security Association (ISSA) — Colorado Springs Chapter — Cyber Focus Day set to take on Wednesday, March 25, 2015 at the University of Colorado Colorado...

28th Annual FISSEA Expo (Gaithersburg, Maryland, USA, March 25, 2015) This year's theme is "Changes, Challenges, and Collaborations: Effective Cybersecurity Training." Through numerous high quality sessions, over 100 attendees will learn new ways to improve their IT security...

CYBERWEST: the Southwest Cybersecurity Summit (Phoenix, Arizona, USA, March 25 - 26, 2015) The purpose of CYBERWEST is to bring together Government and businesses to: Exchange information and learn in areas of policy and strategy; technology and R&D; workforce training and education; and economic,...

Women in Cyber Security (Atlanta, Georgia, USA, March 27 - 28, 2015) Despite the growing demand and tremendous opportunities in the job market, cybersecurity remains an area where there is significant shortage of skilled professionals regionally, nationally and internationally.

Automotive Cyber Security Summit (Detroit, Michigan, USA, March 30 - April 1, 2015) The debut Automotive Cyber Security Summit will bring together CTOs, CSOs, Engineers and IT professionals from GM, KIA, Nissan, Bosch, Qualcomm and more for three days of case studies, workshops, panel...

Insider Threat Symposium & Expo (Laurel, Maryland, USA, March 31, 2015) The National Insider Threat Special Interest Group (NITSIG) announced that it will hold FREE 1 day Insider Threat Symposium & Expo (ITS&E) on March 31, 2015 in Laurel, Maryland. The symposium is exclusively...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.